api-nestjs-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting and analyzing untrusted source code from a project.
- Ingestion points: NestJS code files (controllers, commands, queries, etc.) are read using the Read, Grep, and Glob tools.
- Boundary markers: The skill instructions do not define delimiters to separate agent instructions from the code being processed.
- Capability inventory: The skill is granted the Edit tool, which allows it to modify the codebase.
- Sanitization: No sanitization or validation of the analyzed code content is specified to prevent malicious instructions in code comments or data from affecting agent behavior.
Audit Metadata